Grafana monitoring for AWS CloudWatch via EC2 IAM Role

Grafana is an open source software to create visualization of time-series data. This can graph AWS CloudWatch Metrics too.

As a security best practice when using Grafana on an EC2 Instance it is recommended to use an IAM Role. Using a credentials file may expose access to your AWS Account if ever other people gain access to your Grafana Server.

Follow the step-by-step instructions below on how to attach an IAM Role to your Grafana EC2 Instance and set Grafana to access CloudWatch.

Creation of IAM Role for Grafana EC2 Instance

Create an IAM policy with the below permission in JSON. Name this GrafanaAccessPolicy.

  "Version": "2012-10-17",
  "Statement": [
      "Sid": "AllowReadingMetricsFromCloudWatch",
      "Effect": "Allow",
      "Action": [
      "Resource": "*"
      "Sid": "AllowReadingTagsInstancesRegionsFromEC2",
      "Effect": "Allow",
      "Action": ["ec2:DescribeTags", "ec2:DescribeInstances", "ec2:DescribeRegions"],
      "Resource": "*"
      "Sid": "AllowReadingResourcesForTags",
      "Effect": "Allow",
      "Action": "tag:GetResources",
      "Resource": "*"

Then create an IAM Role with the following properties.

Trusted Entity TypeEC2
Role nameGrafanaAccessRole
Continue reading Grafana monitoring for AWS CloudWatch via EC2 IAM Role

How to install Grafana on EC2 Amazon Linux 2

Grafana is an open source software that specializes in creating graphs and visualizations for users to easily understand the time-series data.

On this step-by-step guide, we will be launching an EC2 Instance with Amazon Linux 2 as the operating system, then install and run Grafana.

EC2 Instance Setup

Launch an EC2 Instance using the Amazon Linux 2 AMI.

For reference here are the settings of my EC2 Instance.

AMIAmazon Linux 2
Instance Typet2.micro (free tier) or
t3a.nano (cheapest)
Storage8GB General Purpose SSD (gp2)
TagsKey: Name
Value: Grafana-Server
Security GroupSee below (EC2 Security Group Setup)

Note: This post is about installing Grafana on Amazon Linux 2. Launching an EC2 Instance will not be discussed here.

EC2 Security Group Setup

For the EC2 Instance Security Group I opened SSH (22) and default Grafana port (3000) to the internet (

Continue reading How to install Grafana on EC2 Amazon Linux 2

How to check if your Windows 10 is 64-bit or 32-bit

When selecting a program installer to download it usually has 2 options: 64-bit installer or 32-bit installer. How do I know which one to download?

TL;DR – click here for instructions.

Nowadays, websites can know which version of Windows you are running and would only give you one link to download the installer. Sometimes, it is not that easy like how I installed Visual Studio Code for all Users in Windows which gave me lots of options, Windows, Linux, Mac, 32-bit or 64-bit versions.

It is important to download the correct version of the installer or else it might not work correctly with your system.

To see what architecture your Windows Operating System is running, see the different ways below.

3 ways to check if your Windows Architecture is 64-bit or 32-bit

Via Graphical User Interface (with screenshots)

To check if your running a Windows 64-bit or 32-bit, right-click on the Start Button (Window button on the lower left of your screen) or on your keyboard click Window+X.

Then click System.

This will open a Settings window that shows details about your computer.

Continue reading How to check if your Windows 10 is 64-bit or 32-bit

Installing Visual Studio Code for All Users in Windows

I am trying to install Visual Studio Code for all users in Windows but it always installs for a single user. Is there a way to install it one time and it is installed for all users?

Yes, there is a way to install Visual Studio Code for all users in Windows.

TL;DR – Download the System Installer here and install.

The Problem

Visiting the website of Visual Studio Code ( and pressing Download for Windows will download the installer for a single user in Windows.

What if you have multiple users in your Windows computer like me? I have a different User Accounts for different projects and different use cases. I had to install for different users.

Follow the tutorial below to install Visual Studio Code for all Users.

Continue reading Installing Visual Studio Code for All Users in Windows

Copying a Key Pair Generated by AWS to Another Region (with Screenshots)

I have an existing key pair that was generated via AWS Console. Since I do not want to create another set of Key Pair for the other regions, I would like to use the same Key Pair. Is it possible to copy the Key Pair to another Region? How can I do this?


Hi Dany, the short answer to your question is yes, it is possible to copy your existing AWS generated Key Pair to another region and even copy this to another AWS account.

The Challenge with AWS Generated Key Pairs

Generating the Key Pairs via AWS Console is easy, it gives you the Private Key and you can launch EC2 instances and associate it with your instance by adjusting the settings during EC2 Instance Launch. Then you can SSH to your EC2 Instance via the Private Key.

The issue here is the Public Key. AWS does not provide the Public Key during creation or any time after that.

Do not worry, we can still get the Public Key. It is not easy as clicking on the console then selecting copy to other region, but it is still doable.

See the steps below.

Step-by-step guide on copying a Key Pair to another region.

For this tutorial, I have created an AWS Key Pair in N. Virginia Region (us-east-1) – radishlogic_key.

The goal is to copy the Key Pair to Oregon Region (us-west-2).

Here are screenshots of my Key Pair.

Key Pair in AWS Console
Private Key

1. Retrieving the Private Key in N. Virginia Region (us-east-1)

Launch a temporary Linux EC2 Instance in where the Key Pair is located (us-east-1). Any Linux Image will do.

Continue reading Copying a Key Pair Generated by AWS to Another Region (with Screenshots)

Setup IIS FTP on Windows Server

I will be transferring a lot of files to my Windows Server and File Transfer Protocol (FTP) would be a great way to do this.

Below is a step-by-step instruction on how you can install and configure FTP via Windows Internet Information Services (IIS).

By the way, I have tried the instructions below on Windows Server 2012, Windows Server 2016 and Windows Server 2019.



Installation of IIS FTP

1. On Windows Server open Server Manager.

Click on Start Button on the taskbar, then click Server Manager.

Start Button is the window icon on the bottom left of the screen.

2. On Server Manager window, click on Manage then Add Roles and Features.

3. On Add Roles and Features Wizard window, click on Next.

Continue reading Setup IIS FTP on Windows Server

Running Minikube in AWS EC2 (Ubuntu)

If you are studying Kubernetes and having a hard time running Minikube on an EC2 Instance, you are not alone. I had a hard time doing it when it was my first time.

Below are the steps (and some comments) that I took to help me run Minikube on my EC2 Instance.

Installation of Minikube on EC2 Ubuntu

1. Run a public EC2 Server with the following setup

AMI Ubuntu Server 18.04 LTS (HVM), SSD Volume Type
Instance Type t3.micro (2 vCPU, 1GB Memory)
Storage 8 GB (gp2)
Tags – Key: Name
– Value: Minikube
Security Group Name: Minikube Security Group
– SSH,
Later we will be editing this.
Key Pair Create your own keypair.
You will need this to SSH to your EC2 Instance

Update: I changed the Instance Type from t2.micro (1 vCPU) to t3.micro (2 vCPU). An update to Minikube required a minimum of 2 vCPUs. The error when running with t2.micro was Requested cpu count 1 is less than the minimum allowed of 2.

t3.micro is no longer in the Free Tier, make sure to stop or terminate the instance after you are done testing to avoid a huge AWS bill.

Thank you to everyone in the comments section who pointed this change.

2. SSH into your created EC2 Instance using your keypair.

ssh [email protected]<ipv4_public_ip> -i <keypair>.pem

3. Install kubectl

curl -LO`curl -s`/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl

4. Install Docker

sudo apt-get update && \
    sudo apt-get install -y

Minikube requires Docker. Continue reading Running Minikube in AWS EC2 (Ubuntu)

boto3: Convert AMI Creation Date from string to Python datetime

When retrieving the AMI Creation Date from boto3 it returns a string data type. Visually, this is okay but it is challenging to do operations and comparisons to the AMI Creation Date in this format.

To solve the issue we need to convert the AMI Creation Date from type string to datetime before we could do some operations.

The AMI Creation Date string looks like 2019-09-18T07:34:34.000Z. To convert this we need to use the strptime function from the datetime.datetime library.

Continue reading boto3: Convert AMI Creation Date from string to Python datetime

Fix WordPress New/Edit Post not showing with CloudFlare

It happened to me, every time I click on new post or try to Edit an existing post on my WordPress site it only shows a white blank page.

I first thought it was one of the plugins, so I disabled all of them and tried adding a new post but it still showed a blank page.

If it is not a plugin then what might it be? WordPress site is working so there is a high probability that it is not wordpress. Then the cause might probably be my Cloud Delivery Network (CDN), which is CloudFlare.

I tweaked a few settings in CloudFlare and voala, it worked! I was able to edit and create new posts again on this site.

Continue reading Fix WordPress New/Edit Post not showing with CloudFlare